001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.auth;
016    
017    import com.liferay.portal.NoSuchUserException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.kernel.log.Log;
020    import com.liferay.portal.kernel.log.LogFactoryUtil;
021    import com.liferay.portal.kernel.util.LocaleUtil;
022    import com.liferay.portal.kernel.util.ParamUtil;
023    import com.liferay.portal.kernel.util.PropsKeys;
024    import com.liferay.portal.kernel.util.StringPool;
025    import com.liferay.portal.kernel.util.Validator;
026    import com.liferay.portal.kernel.util.WebKeys;
027    import com.liferay.portal.model.CompanyConstants;
028    import com.liferay.portal.model.User;
029    import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
030    import com.liferay.portal.service.ServiceContext;
031    import com.liferay.portal.service.UserLocalServiceUtil;
032    import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
033    import com.liferay.portal.theme.ThemeDisplay;
034    import com.liferay.portal.util.PortalUtil;
035    import com.liferay.portal.util.PrefsPropsUtil;
036    import com.liferay.portal.util.PropsValues;
037    import com.liferay.util.PwdGenerator;
038    
039    import java.util.Calendar;
040    import java.util.Locale;
041    import java.util.Map;
042    
043    import javax.servlet.http.HttpServletRequest;
044    import javax.servlet.http.HttpServletResponse;
045    
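/**
 * Auto login implementation that signs a user into the portal when the
 * incoming request is accepted by the configured OpenSSO service.
 *
 * <p>
 * The identity (screen name, email address, first and last name) is read from
 * the attributes returned by {@link OpenSSOUtil#getAttributes}. Those values
 * are only used after {@link OpenSSOUtil#isAuthenticated} has accepted the
 * request, so that call is the trust boundary of this class. A matching portal
 * user is looked up (optionally imported from LDAP) and, if none exists, a new
 * one is created.
 * </p>
 *
 * @author Brian Wing Shun Chan
 * @author Prashant Dighe
 */
public class OpenSSOAutoLogin extends BaseAutoLogin {

	/**
	 * Creates a portal user for an identity asserted by OpenSSO.
	 *
	 * <p>
	 * The account gets a generated password from {@link PwdGenerator} (the
	 * user authenticates through OpenSSO and is never told this value), a
	 * placeholder birthday of 1 January 1970, no group, organization, role or
	 * user group memberships, and no notification email is sent.
	 * </p>
	 *
	 * @param  companyId the company the user is created in
	 * @param  firstName the first name taken from the OpenSSO attributes
	 * @param  lastName the last name taken from the OpenSSO attributes
	 * @param  emailAddress the email address taken from the OpenSSO attributes
	 * @param  screenName the screen name to assign
	 * @param  locale the locale to assign
	 * @return the newly created user
	 * @throws Exception if the user service rejects the new user
	 */
	protected User addUser(
			long companyId, String firstName, String lastName,
			String emailAddress, String screenName, Locale locale)
		throws Exception {

		long creatorUserId = 0;
		boolean autoPassword = false;

		// The same generated value is passed as password and confirmation

		String password1 = PwdGenerator.getPassword();
		String password2 = password1;
		boolean autoScreenName = false;
		long facebookId = 0;
		String openId = StringPool.BLANK;
		String middleName = StringPool.BLANK;
		int prefixId = 0;
		int suffixId = 0;
		boolean male = true;
		int birthdayMonth = Calendar.JANUARY;
		int birthdayDay = 1;
		int birthdayYear = 1970;
		String jobTitle = StringPool.BLANK;
		long[] groupIds = null;
		long[] organizationIds = null;
		long[] roleIds = null;
		long[] userGroupIds = null;
		boolean sendEmail = false;
		ServiceContext serviceContext = new ServiceContext();

		return UserLocalServiceUtil.addUser(
			creatorUserId, companyId, autoPassword, password1, password2,
			autoScreenName, screenName, emailAddress, facebookId, openId,
			locale, firstName, middleName, lastName, prefixId, suffixId, male,
			birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
			organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
	}

	/**
	 * Resolves the portal user for a request authenticated by OpenSSO and
	 * returns the credentials for that user.
	 *
	 * <p>
	 * The user is resolved in this order: LDAP import (when enabled), lookup
	 * by screen name, and finally creation of a new portal user. When the
	 * request targets <code>/portal/login</code>, the post login redirect is
	 * stored in the {@link AutoLogin#AUTO_LOGIN_REDIRECT} request attribute.
	 * </p>
	 *
	 * @param  request the servlet request carrying the OpenSSO session
	 * @param  response the servlet response
	 * @return <code>null</code> if OpenSSO authentication is disabled for the
	 *         company or the request is not authenticated by OpenSSO;
	 *         otherwise a three element array holding the user ID, the
	 *         user's stored password and the string <code>"true"</code>
	 * @throws Exception if a portal service call fails
	 */
	@Override
	protected String[] doLogin(
			HttpServletRequest request, HttpServletResponse response)
		throws Exception {

		long companyId = PortalUtil.getCompanyId(request);

		if (!PrefsPropsUtil.getBoolean(
				companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
				PropsValues.OPEN_SSO_AUTH_ENABLED)) {

			return null;
		}

		String serviceUrl = PrefsPropsUtil.getString(
			companyId, PropsKeys.OPEN_SSO_SERVICE_URL);

		// Trust boundary: nothing below may run for a request that the
		// OpenSSO service has not accepted, because every attribute read
		// afterwards is treated as an asserted identity.

		if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
			return null;
		}

		boolean ldapImportEnabled = PrefsPropsUtil.getBoolean(
			companyId, PropsKeys.OPEN_SSO_LDAP_IMPORT_ENABLED,
			PropsValues.OPEN_SSO_LDAP_IMPORT_ENABLED);
		String screenNameAttr = PrefsPropsUtil.getString(
			companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
			PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
		String emailAddressAttr = PrefsPropsUtil.getString(
			companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
			PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
		String firstNameAttr = PrefsPropsUtil.getString(
			companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
			PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
		String lastNameAttr = PrefsPropsUtil.getString(
			companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
			PropsValues.OPEN_SSO_LAST_NAME_ATTR);

		Map<String, String> nameValues = OpenSSOUtil.getAttributes(
			request, serviceUrl);

		String screenName = nameValues.get(screenNameAttr);
		String emailAddress = nameValues.get(emailAddressAttr);
		String firstName = nameValues.get(firstNameAttr);
		String lastName = nameValues.get(lastNameAttr);

		// NOTE(review): this debug statement writes personal data (name,
		// screen name, email address) to the log. Keep debug logging for this
		// class off in production or restrict access to the log.

		if (_log.isDebugEnabled()) {
			_log.debug(
				"Validating user information for " + firstName + " " +
					lastName + " with screen name " + screenName +
					" and email address " + emailAddress);
		}

		User user = null;

		if (PrefsPropsUtil.getBoolean(
				companyId, PropsKeys.USERS_SCREEN_NAME_ALWAYS_AUTOGENERATE)) {

			try {
				user = UserLocalServiceUtil.getUserByEmailAddress(
					companyId, emailAddress);

				ScreenNameGenerator screenNameGenerator =
					ScreenNameGeneratorFactory.getInstance();

				screenName = screenNameGenerator.generate(
					companyId, user.getUserId(), emailAddress);
			}
			catch (NoSuchUserException nsue) {

				// Expected for a first login: no portal user has this email
				// address yet, so the screen name from OpenSSO is kept.

			}
		}

		if (ldapImportEnabled) {
			try {
				String authType = PrefsPropsUtil.getString(
					companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE,
					PropsValues.COMPANY_SECURITY_AUTH_TYPE);

				if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
					user = PortalLDAPImporterUtil.importLDAPUser(
						companyId, StringPool.BLANK, screenName);
				}
				else {
					user = PortalLDAPImporterUtil.importLDAPUser(
						companyId, emailAddress, StringPool.BLANK);
				}
			}
			catch (SystemException se) {

				// Best effort: a failed import must not block the login, but
				// it is recorded because the code then falls through to the
				// local lookup and, possibly, local account creation.

				if (_log.isWarnEnabled()) {
					_log.warn(
						"Unable to import user from LDAP, falling back to " +
							"the portal user lookup",
						se);
				}
			}
		}
		else {
			if (Validator.isNull(emailAddress)) {
				return handleException(
					request, response, new Exception("Email address is null"));
			}
		}

		if (user == null) {
			try {
				user = UserLocalServiceUtil.getUserByScreenName(
					companyId, screenName);
			}
			catch (NoSuchUserException nsue) {

				// Expected when the identity has no portal account yet; the
				// user is created below.

			}
		}

		if (user == null) {
			ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
				WebKeys.THEME_DISPLAY);

			Locale locale = LocaleUtil.getDefault();

			if (themeDisplay != null) {

				// ThemeDisplay should never be null, but some users
				// complain of this error. Cause is unknown.

				locale = themeDisplay.getLocale();
			}

			if (_log.isDebugEnabled()) {
				_log.debug("Adding user " + screenName);
			}

			user = addUser(
				companyId, firstName, lastName, emailAddress, screenName,
				locale);
		}

		String currentURL = PortalUtil.getCurrentURL(request);

		if (currentURL.contains("/portal/login")) {
			String redirect = ParamUtil.getString(request, "redirect");

			// The redirect parameter comes straight from the request, so it
			// is passed through the portal's redirect filter before it is
			// stored. Storing it unchecked would let a crafted login link
			// send a freshly authenticated user to an arbitrary site.

			if (Validator.isNotNull(redirect)) {
				redirect = PortalUtil.escapeRedirect(redirect);
			}

			// Missing or rejected redirects fall back to the portal main path

			if (Validator.isNull(redirect)) {
				redirect = PortalUtil.getPathMain();
			}

			request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
		}

		String[] credentials = new String[3];

		// NOTE(review): the third element is the literal "true"; presumably
		// it tells the caller that the password in element 1 is already in
		// its stored (encrypted) form. Confirm against the AutoLogin contract.

		credentials[0] = String.valueOf(user.getUserId());
		credentials[1] = user.getPassword();
		credentials[2] = Boolean.TRUE.toString();

		return credentials;
	}

	private static final Log _log = LogFactoryUtil.getLog(
		OpenSSOAutoLogin.class);

}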